La Sostenibilità per TIM

Il Report 2024 accoglie i principi della Corporate Sustainability Reporting Directive (CSRD) ed è incluso nella Relazione Finanziaria e di Sostenibilità. Approfondisci

Facebook Twitter Linkedin Copia Link

tag

CVE-2024-6360

CVE-2024-6360 – OpenText Vertica Management Console

Vulnerability Description: Incorrect Permission Assignment for Critical Resource – CWE-732

Software Version: 10.1.0

NIST: https://nvd.nist.gov/vuln/detail/CVE-2024-6360

CVSS:

Severity:

Credits: Davide Brian Di Campi, Massimiliano Brolli

The product creates, stores, and uses hard-coded plaintext keys that are needed for authorization when calling protected APIs

Security Impact

Incorrect Permission Assignment for Critical Resource vulnerability in OpenText™ Vertica could allow Privilege Abuse and result in unauthorized access or privileges to Vertica agent apikey. This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X, from 23.0 through 23.X, from 24.0 through 24.X.